Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-47855
HistoryMay 16, 2024 - 12:00 a.m.

CVE-2023-47855

2024-05-1600:00:00
ubuntu.com
ubuntu.com
4
cve-2023-47855
privilege escalation
local access
intel tdx module
input validation
unix

6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Improper input validation in some Intel® TDX module software before
version 1.5.05.46.698 may allow a privileged user to potentially enable
escalation of privilege via local access.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchintel-microcode< 3.20240514.0ubuntu0.18.04.1+esm1UNKNOWN
ubuntu20.04noarchintel-microcode< 3.20240514.0ubuntu0.20.04.1UNKNOWN
ubuntu22.04noarchintel-microcode< 3.20240514.0ubuntu0.22.04.1UNKNOWN
ubuntu23.10noarchintel-microcode< 3.20240514.0ubuntu0.23.10.1UNKNOWN
ubuntu24.04noarchintel-microcode< 3.20240514.0ubuntu0.24.04.1UNKNOWN
ubuntu16.04noarchintel-microcode< 3.20240514.0ubuntu0.16.04.1+esm1UNKNOWN

6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%